Details

Description

While testing EZP-22479 I noticed something weird about the policies.
If you enter the backend, go to "User accounts" -> "Roles and policies" and grant "user", "login" for an existing user group, this new policy/limitation will not be available for Public API.

In my case I granted the "Member" group to "user", "login", "SiteAccess( ezdemo_site_admin )".

If I test if one of my member users have access with canUser( 'user', 'login', $siteAccess ) the result will be always negative.